[tor-dev] memcmp() & co. timing info disclosures?
Robert Ransom
rransom.8774 at gmail.com
Sat May 7 05:25:52 UTC 2011
On Fri, 6 May 2011 22:11:06 -0700
Chris Palmer <chris at eff.org> wrote:
> On May 6, 2011, at 8:53 PM, Robert Ransom wrote:
> > GCC is likely to turn (v1 == v2) into a backdoor.
>
> Can you explain what you mean?
I would expect GCC (and most other C compilers) to use a
non-constant-time implementation of (v1 == v2).
Robert Ransom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20110506/8e6cff01/attachment.pgp>
More information about the tor-dev
mailing list